I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.

Download Presentation

PowerPoint Slideshow about 'A Framework for P2P Botnets' - kaloni

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

Previously, DDoS and spamming were the primary concern, but now applications such as keylogging and click fraud and other “for profit” purposes are becoming a focus of botnets. To make effective countermeasures against botnets, it is very important to not only study the existing ones of various kinds separately,but the inherent relationships among different botnets/worms (since most current botnets make use of worms to propagate), as well as the ones to appear in the

The peerlist construction of supernode in is similar to except that only exchange of peerlist is needed, there is no replacement of newly infected supernodes’ IPs, and only client nodes can infect supernodes.

PULL” based botnet

The idea of botnet structure in is similar to , except that the clients periodically communicate with any servant bot in their peerlist to grab the command.

On one hand, the botmaster wants the number of bots having psi = 1 and ki as low as possible to make the C&C control more covert.

On the other hand, given certain portion of bots in the botnet will be turned off or cleaned at any time, these values have to be large enough to maintain connectivity with the remaining botnet. Normally it is expected that attackers can adjust the above values to balance the tradeoff in these proposed botnets under specific situations.